New Botnet impacts Symantec Client Port 2967 on unpatched PCs

Posted Mon, Nov 27 2006 19:38 by Harry Waldron

There appears to be active exploitation of an issue patched by Symantec back in May 2006

New Botnet impacts Symantec Client Port 2967
http://www.incidents.org/diary.php?storyid=1892

Symantec Client Security and Symantec AntiVirus Elevation of Privilege
http://www.symantec.com/avcenter/security/Content/2006.05.25.html

QUOTE: We've received reports of a massive new outbreak of bots exploiting the Symantec Client Security and Antivirus escalation of privilege vulnerability.  ("new" implying the outbreak, not the vulnerability

Comments

# W32.Spybot.ACYR worm - Exploits the unpatched Symantec SYM06-010 issue

Wednesday, November 29, 2006 2:06 PM by Harry Waldron - Microsoft MVP Blog

This new IRC based threat attempts to spread using a number of security exploits, including the SYM06-010

# W32.Spybot.ACYR worm - Exploits the unpatched Symantec SYM06-010 issue

Wednesday, November 29, 2006 2:08 PM by Harry Waldron - My IT Forums Blog

This new IRC based threat attempts to spread using a number of security exploits, including the SYM06-010